Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B5154EE47A0511EFBB046B51C4F9AE02.roa
File: B5154EE47A0511EFBB046B51C4F9AE02.roa (raw, json)
Hash identifier: qnK2qsd5OJZSvtQDOwpEqfdB2H2DqQFrPuvVhARx+EM=
Subject key identifier: EC:4C:F0:F7:FB:2A:ED:8A:05:4F:1B:E3:CB:D0:8D:98:44:35:08:AA
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0719
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B5154EE47A0511EFBB046B51C4F9AE02.roa
Signing time: Sun 09 Feb 2025 03:07:38 +0000
ROA not before: Sun 09 Feb 2025 03:07:38 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 64021
IP address blocks: 43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.20.220.0/24 maxlen: 24
103.20.221.0/24 maxlen: 24
103.225.198.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1817 (0x719)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Feb 9 03:07:38 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a81bf9-756e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:18:5a:88:2e:75:e3:33:ca:6b:b9:2d:1a:37:
ba:73:bc:a5:ea:d5:fd:b7:33:45:af:46:87:4e:31:
5c:8f:17:e0:77:cc:60:3d:01:91:7a:e4:97:86:a9:
ff:03:c7:4f:12:2a:19:8b:85:e3:e2:0a:81:2e:ed:
aa:9e:e9:2d:98:01:b4:a6:3c:88:63:38:c1:fe:31:
c5:ab:0a:b0:bc:83:18:be:f7:37:44:df:aa:9e:df:
32:59:6d:6d:71:c2:f5:6c:96:3f:dc:dd:2c:1e:be:
27:43:49:25:df:9b:ef:cb:49:ba:13:71:d7:01:80:
9d:c6:2b:01:9e:fe:49:82:8a:3e:15:ad:fc:0a:81:
57:f8:b7:70:38:35:78:87:de:3f:e5:ad:d8:c1:34:
a9:59:2c:81:7f:67:f1:5f:9a:6b:6a:e3:6c:98:ca:
16:3e:99:5a:b4:02:8b:fc:9c:07:7a:8d:57:ea:88:
ac:3e:d4:29:78:62:b1:52:20:4f:e5:18:22:60:a8:
0b:4a:0c:05:bc:6a:26:66:dd:77:3b:d9:f5:db:5a:
98:73:65:9a:02:46:cf:da:27:16:69:48:80:e1:29:
ce:df:06:87:2a:31:dd:14:e3:b6:b6:23:05:ae:08:
2c:97:11:74:e4:eb:20:83:1a:f7:26:73:48:30:15:
12:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4C:F0:F7:FB:2A:ED:8A:05:4F:1B:E3:CB:D0:8D:98:44:35:08:AA
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B5154EE47A0511EFBB046B51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0-43.252.210.255
103.20.220.0/23
103.225.198.0/24
103.228.64.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
Signature Algorithm: sha256WithRSAEncryption
86:a1:a8:f6:7b:49:8e:ab:dc:84:5d:6c:f6:82:de:cc:2e:bd:
57:91:da:3f:70:b8:85:e6:e3:7c:43:d2:d4:5d:cc:04:c6:b7:
a4:b3:ea:16:a0:83:68:c3:d3:f1:a9:61:1c:c0:df:b8:6c:82:
39:4e:83:39:15:43:b2:77:f8:48:35:84:da:c0:0d:29:ed:7f:
bd:a0:90:d8:b3:16:15:f7:dd:6c:22:7a:20:6c:76:a4:7b:f4:
a5:27:e5:4d:45:e0:1d:53:4d:41:a9:7b:6a:9c:f2:b1:8a:c8:
b2:c8:97:df:7e:c4:7b:1c:2f:d5:ca:6d:c2:18:0d:81:18:32:
4c:53:08:7e:b0:5f:eb:93:29:db:ab:d5:60:01:6f:c4:3a:df:
42:ea:b3:78:ff:56:92:26:9f:1b:71:cc:02:5d:51:cc:f1:ec:
a7:9f:28:33:4e:7c:50:5d:46:38:0d:36:f4:8c:c5:78:54:29:
64:47:d8:59:f9:54:11:89:ca:f4:5d:08:86:d9:d2:42:51:70:
19:88:4b:4b:8c:61:90:8e:2e:41:ab:8b:af:af:25:5d:5b:2c:
30:2f:36:9a:63:b4:ed:c7:5c:73:cc:97:4a:ae:20:48:46:e5:
58:38:97:02:19:d1:8e:98:b6:9b:e2:c1:15:15:25:eb:c6:a1:
c1:ee:87:85
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICBxkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMjA5MDMwNzM4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E4MWJmOS03NTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnBhaiC514zPKa7ktGje6c7yl6tX9tzNFr0aHTjFcjxfgd8xgPQGReuSXhqn/
A8dPEioZi4Xj4gqBLu2qnuktmAG0pjyIYzjB/jHFqwqwvIMYvvc3RN+qnt8yWW1t
ccL1bJY/3N0sHr4nQ0kl35vvy0m6E3HXAYCdxisBnv5Jgoo+Fa38CoFX+LdwODV4
h94/5a3YwTSpWSyBf2fxX5prauNsmMoWPplatAKL/JwHeo1X6oisPtQpeGKxUiBP
5RgiYKgLSgwFvGomZt13O9n121qYc2WaAkbP2icWaUiA4SnO3waHKjHdFOO2tiMF
rggslxF05Osggxr3JnNIMBUSxQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFOxM8Pf7
Ku2KBU8b48vQjZhENQiqMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQjUxNTRFRTQ3
QTA1MTFFRkJCMDQ2QjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQwDAMEACv80QMEACv80gMEAWcU3AMEAGfhxgMEAGfkQAMEAGfq
NjAMAwQAlmsBAwQClmsAMA0GCSqGSIb3DQEBCwUAA4IBAQCGoaj2e0mOq9yEXWz2
gt7MLr1Xkdo/cLiF5uN8Q9LUXcwExreks+oWoINow9PxqWEcwN+4bII5ToM5FUOy
d/hINYTawA0p7X+9oJDYsxYV991sInogbHake/SlJ+VNReAdU01BqXtqnPKxisiy
yJfffsR7HC/Vym3CGA2BGDJMUwh+sF/rkynbq9VgAW/EOt9C6rN4/1aSJp8bccwC
XVHM8eynnygzTnxQXUY4DTb0jMV4VClkR9hZ+VQRicr0XQiG2dJCUXAZiEtLjGGQ
ji5Bq4uvryVdWywwLzaaY7Ttx1xzzJdKriBIRuVYOJcCGdGOmLab4sEVFSXrxqHB
7oeF
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:20 2025 by rpki-client